Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/LfEDQcMjb1rbOaa6nyRfRn9LJ_c.roa
File: LfEDQcMjb1rbOaa6nyRfRn9LJ_c.roa (raw, json)
Hash identifier: s1/lq+MLu9BQYRgFJFZjfIHhKiinEretg9BNqBOr1H4=
Subject key identifier: 2D:F1:03:41:C3:23:6F:5A:DB:39:A6:BA:9F:24:5F:46:7F:4B:27:F7
Certificate issuer: /CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Certificate serial: 018573718EFFDC2044A405FC6A65E8E2B829
Authority key identifier: 2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/LfEDQcMjb1rbOaa6nyRfRn9LJ_c.roa
Signing time: Mon 02 Jan 2023 17:05:00 +0000
ROA not before: Mon 02 Jan 2023 17:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60163
IP address blocks: 185.54.30.0/24 maxlen: 24
185.54.28.0/24 maxlen: 24
185.54.31.0/24 maxlen: 24
185.54.29.0/24 maxlen: 24
2a02:4261::/32 maxlen: 32
2a02:4263::/32 maxlen: 32
2a02:4260::/32 maxlen: 32
2a02:4264::/30 maxlen: 30
2a02:4262::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:8e:ff:dc:20:44:a4:05:fc:6a:65:e8:e2:b8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Validity
Not Before: Jan 2 17:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2df10341c3236f5adb39a6ba9f245f467f4b27f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4b:0c:18:8e:a5:04:d1:01:2c:43:37:54:ef:
a8:43:b3:c5:8a:70:63:1a:93:ba:b5:5f:f4:09:f1:
a6:36:70:41:c7:33:ec:0c:11:81:02:cf:76:2b:6a:
db:16:cf:8c:6e:7f:94:f1:50:c4:3f:2c:4c:ab:d2:
e3:5c:70:aa:03:9c:81:17:ed:6e:7a:37:b4:be:80:
25:12:ec:de:06:96:e8:70:9d:ef:22:35:6b:c8:ec:
d8:33:7f:63:91:ae:15:4c:83:39:f1:b6:7d:72:8f:
72:40:6e:34:1a:ab:68:d3:c9:b4:4a:0a:24:06:40:
9a:ab:51:51:4d:9e:8c:f5:d1:b1:b1:bc:6b:4a:e5:
e0:47:8b:45:c9:c9:cd:f8:c3:73:ac:78:b0:65:a9:
ef:b5:4d:50:8e:cc:65:8b:38:17:82:9b:91:98:ab:
cc:7c:72:a6:ca:1a:7c:15:1b:ba:3e:17:ce:19:d9:
32:a4:1b:e5:21:70:32:4c:16:02:4f:1d:43:35:9a:
a6:da:78:f2:b6:7b:10:04:b0:21:8a:75:cf:db:88:
00:9f:7e:62:d4:5f:7e:bf:e6:e7:60:78:c1:e2:6d:
0b:32:d6:5a:dd:43:3a:26:70:57:9c:b5:20:53:c6:
d4:48:6b:d1:a8:d8:5f:8a:b9:c6:56:83:e8:83:c9:
4a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F1:03:41:C3:23:6F:5A:DB:39:A6:BA:9F:24:5F:46:7F:4B:27:F7
X509v3 Authority Key Identifier:
keyid:2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/LfEDQcMjb1rbOaa6nyRfRn9LJ_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/K5rePBkSeLKqitdnQu673v5yheY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.28.0/22
IPv6:
2a02:4260::/29
Signature Algorithm: sha256WithRSAEncryption
2c:70:bd:31:2b:af:f1:ea:8f:50:f7:8e:80:e3:c6:b6:a5:90:
5b:61:c2:f3:b4:b7:f1:a9:43:c0:fb:56:93:58:5a:d3:1f:a6:
c8:99:8a:b5:dc:d8:50:29:c4:c6:44:f5:9e:00:71:19:19:c4:
3d:be:e5:c6:8a:d1:5c:c5:59:18:68:1e:7b:77:8d:ad:02:08:
a3:ba:77:77:19:04:fb:ab:07:87:6b:55:f4:43:f2:65:1d:c4:
4f:7d:ed:25:ec:e6:83:96:ea:1f:5d:66:61:71:6b:59:25:fb:
00:71:62:4d:bc:23:f8:d0:70:7a:6f:17:a8:09:1a:7c:4d:9c:
de:86:7b:b0:3f:a0:ad:26:02:3c:05:ee:aa:30:74:17:5b:a5:
5e:5b:44:9e:82:9b:83:c7:7d:94:47:0d:8d:84:4b:b9:f4:45:
ba:b3:20:bc:d0:03:80:17:ad:3e:fd:26:f5:80:39:45:f0:78:
5e:81:ee:28:b5:a8:84:35:4b:b5:c3:73:38:65:d4:86:35:8c:
73:25:be:43:60:51:b1:a6:8c:6c:98:84:05:18:1d:b7:f8:b1:
b0:0b:5d:23:b5:9c:9a:6c:9d:b2:18:5c:fe:4f:91:eb:aa:fe:
3c:a6:e9:e4:01:3e:63:97:82:ac:23:be:58:76:eb:42:16:ec:
c7:93:c3:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzcY7/3CBEpAX8amXo4rgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWFkZTNjMTkxMjc4YjJhYThhZDc2NzQyZWViYmRlZmU3
Mjg1ZTYwHhcNMjMwMTAyMTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGYxMDM0MWMzMjM2ZjVhZGIzOWE2YmE5ZjI0NWY0NjdmNGIyN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEsMGI6lBNEBLEM3VO+oQ7PFinBj
GpO6tV/0CfGmNnBBxzPsDBGBAs92K2rbFs+Mbn+U8VDEPyxMq9LjXHCqA5yBF+1u
eje0voAlEuzeBpbocJ3vIjVryOzYM39jka4VTIM58bZ9co9yQG40Gqto08m0Sgok
BkCaq1FRTZ6M9dGxsbxrSuXgR4tFycnN+MNzrHiwZanvtU1QjsxlizgXgpuRmKvM
fHKmyhp8FRu6PhfOGdkypBvlIXAyTBYCTx1DNZqm2njytnsQBLAhinXP24gAn35i
1F9+v+bnYHjB4m0LMtZa3UM6JnBXnLUgU8bUSGvRqNhfirnGVoPog8lKiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC3xA0HDI29a2zmmup8kX0Z/Syf3MB8GA1UdIwQY
MBaAFCua3jwZEniyqorXZ0Luu97+coXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVyZVBCa1NlTEtxaXRkblF1NjczdjV5aGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZTQyZTgtNzQ2Yy00YTNhLThkNjMt
Y2MwNTNmNmExZWU2LzEvTGZFRFFjTWpiMXJiT2FhNm55UmZSbjlMSl9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZTQyZTgtNzQ2Yy00YTNhLThkNjMtY2MwNTNmNmExZWU2
LzEvSzVyZVBCa1NlTEtxaXRkblF1NjczdjV5aGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTYcMA0E
AgACMAcDBQMqAkJgMA0GCSqGSIb3DQEBCwUAA4IBAQAscL0xK6/x6o9Q946A48a2
pZBbYcLztLfxqUPA+1aTWFrTH6bImYq13NhQKcTGRPWeAHEZGcQ9vuXGitFcxVkY
aB57d42tAgijund3GQT7qweHa1X0Q/JlHcRPfe0l7OaDluofXWZhcWtZJfsAcWJN
vCP40HB6bxeoCRp8TZzehnuwP6CtJgI8Be6qMHQXW6VeW0SegpuDx32URw2NhEu5
9EW6syC80AOAF60+/Sb1gDlF8Hhege4otaiENUu1w3M4ZdSGNYxzJb5DYFGxpoxs
mIQFGB23+LGwC10jtZyabJ2yGFz+T5Hrqv48punkAT5jl4KsI75YdutCFuzHk8P8
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:21 2024 by rpki-client on console-fra.rpki-client.org